Add OBS Vigilance Spider (#20)
* Add OBS Vigilance Spider

* Automatic update with GitHub Actions

Co-authored-by: karimhabush <37211852+karimhabush@users.noreply.github.com>
Co-authored-by: GitHub Action <action@github.com>
3 people committed Jul 30, 2022
1 parent d5951d3 commit b17b657
Showing 3 changed files with 79 additions and 22 deletions.
55 changes: 35 additions & 20 deletions README.md
Expand Up @@ -2,7 +2,7 @@

## CyberOwl
![cyberowl](docs/images/logo.png)
> Last Updated 30/07/2022 12:28:01 UTC
> Last Updated 30/07/2022 14:12:46 UTC
A daily updated summary of the most frequent types of security incidents currently being reported from different sources.

Expand All @@ -16,19 +16,10 @@ A daily updated summary of the most frequent types of security incidents current
| [CERT-FR](#cert-fr-arrow_heading_up) | The French national government Computer Security Incident Response Team. |
| [IBM X-Force Exchange](#ibmcloud-arrow_heading_up) | A cloud-based threat intelligence platform that allows to consume, share and act on threat intelligence. |
| [ZeroDayInitiative](#zerodayinitiative-arrow_heading_up) | An international software vulnerability initiative that was started in 2005 by TippingPoint. |
| [OBS Vigilance](#obs-vigilance-arrow_heading_up) |Vigilance is an initiative created by OBS (Orange Business Services) since 1999 to watch public vulnerabilities and then offer security fixes, a database and tools to remediate them. |

> Suggest a source by opening an [issue](https://github.com/karimhabush/cyberowl/issues)! :raised_hands:
---
### US-CERT [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [CISA Adds One Known Exploited Vulnerability to Catalog](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/29/cisa-adds-one-known-exploited-vulnerability-catalog) | <p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities Catalog</a>, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. <strong>Note:</strong> To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.</p> | Friday, July 29, 2022 |
| [CISA Releases Log4Shell-Related MAR](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/28/cisa-releases-log4shell-related-mar-0) | <p>From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.</p> | Thursday, July 28, 2022 |
| [Samba Releases Security Updates ](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/27/samba-releases-security-updates) | <p>The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. </p> | Wednesday, July 27, 2022 |
| [Apple Releases Security Updates for Multiple Products](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/apple-releases-security-updates-multiple-products) | <p>Apple has released security updates to address vulnerabilities in multiple products. These updates address vulnerabilities attackers could exploit to take control of affected systems.</p> | Friday, July 22, 2022 |
| [Cisco Releases Security Updates for Multiple Products](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/cisco-releases-security-updates-multiple-products) | <p>Cisco has released security updates to address vulnerabilities in multiple products. Some of these vulnerabilities could allow a remote attacker to execute take control of an affected system. For updates addressing lower severity vulnerabilities, see the <a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories page</a>. </p> | Friday, July 22, 2022 |
| [Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/atlassian-releases-security-advisory-questions-confluence-app-cve) | <p>Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild.</p> | Friday, July 22, 2022 |
---
### IBMCloud [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
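Review bot: In the sources table, the new OBS Vigilance row is inconsistent with the rows above it: there is no space after the second pipe (`|Vigilance is an initiative ...`), and the link label reads "OBS Vigilance" while the section heading added at the end of this patch is "OBS-Vigilance". Use one spelling for both, add the missing space, and reword "created by OBS (Orange Business Services) since 1999" to either "created by OBS in 1999" or "run by OBS since 1999".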
Expand All @@ -41,17 +32,15 @@ A daily updated summary of the most frequent types of security incidents current
| [Carel pCOWeb HVAC BACnet Gateway directory traversal](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Geonetwork XML external entity injection](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
---
### ZeroDayInitiative [:arrow_heading_up:](#cyberowl)
### US-CERT [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1035/) | Visit link for details | July 29, 2022 |
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1034/) | Visit link for details | July 29, 2022 |
| [Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1033/) | Visit link for details | July 28, 2022 |
| [EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1032/) | Visit link for details | July 28, 2022 |
| [OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1031/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1030/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Infinite Loop Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1029/) | Visit link for details | July 28, 2022 |
| [Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1028/) | Visit link for details | July 28, 2022 |
| [CISA Adds One Known Exploited Vulnerability to Catalog](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/29/cisa-adds-one-known-exploited-vulnerability-catalog) | <p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities Catalog</a>, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. <strong>Note:</strong> To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.</p> | Friday, July 29, 2022 |
| [CISA Releases Log4Shell-Related MAR](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/28/cisa-releases-log4shell-related-mar-0) | <p>From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.</p> | Thursday, July 28, 2022 |
| [Samba Releases Security Updates ](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/27/samba-releases-security-updates) | <p>The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. </p> | Wednesday, July 27, 2022 |
| [Apple Releases Security Updates for Multiple Products](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/apple-releases-security-updates-multiple-products) | <p>Apple has released security updates to address vulnerabilities in multiple products. These updates address vulnerabilities attackers could exploit to take control of affected systems.</p> | Friday, July 22, 2022 |
| [Cisco Releases Security Updates for Multiple Products](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/cisco-releases-security-updates-multiple-products) | <p>Cisco has released security updates to address vulnerabilities in multiple products. Some of these vulnerabilities could allow a remote attacker to execute take control of an affected system. For updates addressing lower severity vulnerabilities, see the <a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories page</a>. </p> | Friday, July 22, 2022 |
| [Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/atlassian-releases-security-advisory-questions-confluence-app-cve) | <p>Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild.</p> | Friday, July 22, 2022 |
---
### CERT-FR [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
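Review bot: The US-CERT rows written in this hunk carry the feed's raw HTML in the Description cell (`<p>`, `<a href="...">`, `<strong>Note:</strong>`), while the IBMCloud, ZeroDayInitiative and CERT-FR rows are plain text. Reduce the description to text in the spider before it is written to README.md, and escape `|` in the same step, so that markup from a third-party feed cannot change the table layout or the rendered page.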
Expand All @@ -67,6 +56,18 @@ A daily updated summary of the most frequent types of security incidents current
| [Multiples vulnérabilités dans le noyau Linux de Debian](https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-687/) | De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges. | 29 juillet 2022 |
| [Multiples vulnérabilités dans Samba](https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-686/) | De multiples vulnérabilités ont été découvertes dans Samba. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données. | 27 juillet 2022 |
---
### ZeroDayInitiative [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1035/) | Visit link for details | July 29, 2022 |
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1034/) | Visit link for details | July 29, 2022 |
| [Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1033/) | Visit link for details | July 28, 2022 |
| [EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1032/) | Visit link for details | July 28, 2022 |
| [OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1031/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1030/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Infinite Loop Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1029/) | Visit link for details | July 28, 2022 |
| [Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1028/) | Visit link for details | July 28, 2022 |
---
### MA-CERT [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
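Review bot: The ZeroDayInitiative block placed after CERT-FR here is the same eight rows (ZDI-22-1028 through ZDI-22-1035) that the previous hunk drops from above CERT-FR, and US-CERT has likewise moved below IBMCloud, so a large part of the 35 additions and 20 deletions in README.md is reordering rather than new advisories. Have the update job write the sections in a fixed order, for example the order of the sources table, so that each automatic commit shows only changed content.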
Expand All @@ -82,3 +83,17 @@ A daily updated summary of the most frequent types of security incidents current
| [37362107/22 - Vulnérabilités dans Cisco Small Business](https://www.dgssi.gov.ma/fr/content/3736210722-vulnerabilites-dans-cisco-small-business.html) | Plusieurs vulnérabilités ont été corrigées dans les versions susmentionnées de Cisco Small Business. L’exploitation de ces failles pourrait permettre à un attaquant distant et authentifié d'exécuter du code arbitraire sur un appareil... | 21 juillet 2022 |
| [37352107/22 - Vulnérabilités critique dans Cisco Nexus Dashboard](https://www.dgssi.gov.ma/fr/content/3735210722-vulnerabilites-critique-dans-cisco-nexus-dashboard.html) | Plusieurs vulnérabilités Critiques ont été corrigées dans Cisco Nexus Dashboard. L’exploitation de ces failles permet à un attaquant d’exécuter des commandes et d'effectuer des actions avec les privilèges de l'administrateur ou... | 21 juillet 2022 |
| [37342007/22 - "Oracle Critical Patch Update" du Mois Juillet 2022](https://www.dgssi.gov.ma/fr/content/3734200722-oracle-critical-patch-update-du-mois-juillet-2022.html) | Oracle a publié des correctifs de sécurité pour traiter plusieurs vulnérabilités dans le cadre de sa mise à jour « Oracle Critical Patch Update » du mois Juillet 2022. L'exploitation de certaines de ces vulnérabilités pourrait... | 20 juillet 2022 |
---
### OBS-Vigilance [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [<a href="https://vigilance.fr/vulnerability/Ruby-TZInfo-directory-traversal-via-tzinfo-data-38959" class="noirorange"><b>Ruby TZInfo</b>: directory traversal via tzinfo-data</a>](https://vigilance.fr/vulnerability/Ruby-TZInfo-directory-traversal-via-tzinfo-data-38959) | An attacker can traverse directories of Ruby TZInfo, via tzinfo-data, in order to read a file outside the service root path... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Das-U-Boot-buffer-overflow-via-do-i2c-md-38958" class="noirorange"><b>Das U-Boot</b>: buffer overflow via do_i2c_md()</a>](https://vigilance.fr/vulnerability/Das-U-Boot-buffer-overflow-via-do-i2c-md-38958) | An attacker can trigger a buffer overflow of Das U-Boot, via do_i2c_md(), in order to trigger a denial of service, and possibly to run code... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Booth-information-disclosure-via-Ignored-Authfile-Directive-38957" class="noirorange"><b>Booth</b>: information disclosure via Ignored Authfile Directive</a>](https://vigilance.fr/vulnerability/Booth-information-disclosure-via-Ignored-Authfile-Directive-38957) | An attacker can bypass access restrictions to data of Booth, via Ignored Authfile Directive, in order to read sensitive information... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Centreon-Web-multiple-vulnerabilities-38954" class="noirorange"><b>Centreon Web</b>: multiple vulnerabilities</a>](https://vigilance.fr/vulnerability/Centreon-Web-multiple-vulnerabilities-38954) | An attacker can use several vulnerabilities of Centreon Web... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/libtirpc-overload-via-Idle-TCP-Connections-38952" class="noirorange"><b>libtirpc</b>: overload via Idle TCP Connections</a>](https://vigilance.fr/vulnerability/libtirpc-overload-via-Idle-TCP-Connections-38952) | An attacker can trigger an overload of libtirpc, via Idle TCP Connections, in order to trigger a denial of service... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/libguestfs-overload-via-get-keys-38950" class="noirorange"><b>libguestfs</b>: overload via get_keys()</a>](https://vigilance.fr/vulnerability/libguestfs-overload-via-get-keys-38950) | An attacker can trigger an overload of libguestfs, via get_keys(), in order to trigger a denial of service... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-xfrm-pols-put-38948" class="noirorange"><b>Linux kernel</b>: denial of service via xfrm_pols_put()</a>](https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-xfrm-pols-put-38948) | An attacker can cause a fatal error of the Linux kernel, via xfrm_pols_put(), in order to trigger a denial of service... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Webmin-Usermin-Cross-Site-Scripting-via-Read-Mail-Module-38947" class="noirorange"><b>Webmin - Usermin</b>: Cross Site Scripting via Read Mail Module</a>](https://vigilance.fr/vulnerability/Webmin-Usermin-Cross-Site-Scripting-via-Read-Mail-Module-38947) | An attacker can trigger a Cross Site Scripting of Webmin - Usermin, via Read Mail Module, in order to run JavaScript code in the context of the web site... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-nfqnl-mangle-38946" class="noirorange"><b>Linux kernel</b>: denial of service via nfqnl_mangle()</a>](https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-nfqnl-mangle-38946) | An attacker can cause a fatal error of the Linux kernel, via nfqnl_mangle(), in order to trigger a denial of service... | Visit link for details |
| [<a href="https://vigilance.fr/vulnerability/Go-denial-of-service-via-go-parser-Parse-38945" class="noirorange"><b>Go</b>: denial of service via go/parser Parse</a>](https://vigilance.fr/vulnerability/Go-denial-of-service-via-go-parser-Parse-38945) | An attacker can cause a fatal error of Go, via go/parser Parse, in order to trigger a denial of service... | Visit link for details |
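Review bot: In the OBS-Vigilance rows the Title cell wraps a raw anchor tag inside a markdown link, as in `[<a href="..." class="noirorange"><b>Ruby TZInfo</b>: directory traversal via tzinfo-data</a>](https://vigilance.fr/...)`, and the Date column holds "Visit link for details" on all ten rows. Take the anchor's text rather than its HTML for the title so the cell matches the other sources, and fill Date with the advisory's publication date; if the site does not expose one, leave the cell empty rather than putting the placeholder that other sections use in Description under a column headed Date.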